A Denial Of Service Attack On Bitcoin Consensus



Conservatism, in the literal and not political sense, has always been a core part of the Bitcoin ecosystem. Satoshi himself was very cautious and thorough in his original design attempts, and developers since have tried to be very cautious and thorough in the development process after his departure.

Numerous pieces of technology have been developed originally for Bitcoin, eventually being tested on other networks specifically out of that caution. Confidential Transactions, one of the core pieces of technology underlying Monero? It was created by Gregory Maxwell for Bitcoin. It was not implemented due to large inefficiencies in terms of data size, and because of the fact that it fundamentally changed cryptographic assumptions.

All cryptography used in Bitcoin relies on the discrete log assumption, that factoring two prime numbers of large enough size is not possible. If this assumption breaks, everyone’s private keys are crackable from their public keys. Confidential Transactions, and how they work, would allow someone to secretly inflate the money supply instead of just cracking other people’s keys, and no one would be able to tell because it obscures the transaction amounts from public view.

Similarly the SNARK scheme used in Zcash to provide zero knowledge proofs for Bitcoin was originally a proposal for Bitcoin, Zerocoin. This also was never implemented, out of conservatism and caution, on Bitcoin itself. The entire cryptographic scheme relied on trusted third parties initializing it, and in order to remain secure required users trust them to delete private key material used to initialize the system. This was deemed an unacceptable tradeoff for Bitcoin.

Even Taproot, which has been active for three years or so now, is a proposal ultimately made of two separate concepts going back to as early as 2012: MAST and Schnorr signatures. MAST is the idea of taking multiple possible spending scripts and turning them into a Merkle tree, so that only the path used is ever revealed on-chain. It took 9 years for those two ideas to go from being ideas to something actually implemented.

Conservatism has always been core to how this protocol and network were developed.

Recent Proposals

I myself have been highly skeptical about any proposals floated around in the last few years since Taproot activation, preferring to be very conservative in what I choose to support. For instance, I have been arguing for the activation of BIP 119, CHECKTEMPLATEVERIFY, for years exactly because of how conservative and simple it is. I.e. because of what it does not enable.

Mechanically, CTV cannot actually enable anything that is not already possible using pre-signed transactions; the only difference between that and CTV is that one is enforced by consensus, while the other is enforced by trusting the people who pre-sign those transactions.

My chief focus in looking at proposed changes has always been identifying unintended or detrimental consequences. My criticisms of drivechains are a perfect example of this. Drivechains have been pitched as a scaling solution with no negative externalities to the rest of the network. I have argued for years, initially essentially alone, that that statement is in fact not true. I have delineated the arguments why I assert that is untrue, and what negative consequences that would have on the network if it were to be activated.

Most of my concern with other recent covenant proposals essentially boils down to one thing: enabling some variation of drivechains. Drivechains, or similar systems, allow anyone to be the block producer moving the state of the system forward. In practice, this means that miners have a de facto monopoly on engaging in that process should they choose to exercise it. If such a system actually gains adoption, and enables functionality that gives miners room to extract value front running transactions, like on other systems such as Ethereum, then that is an economic incentive for them to exercise that monopoly.

That is a centralization pressure for mining, and once you enable such systems there is no way to restrict what functionality these other layers or blockchains enable, so there is no way to limit them to a degree of functionality that does not introduce those problems. What you need in order to build such a system is the ability to restrict where coins can go in the future, i.e. a covenant, and the ability to ensure that data carries forward from one transaction to another.

This lets you create an open UTXO that anyone (read: miners) can commit to facilitating a withdrawal, and can either be allowed to complete or “canceled” if it is invalid. This, in combination with the ability to have a second layer state, or balances of user funds, changed and updated by anyone according to the rules of the system, gives you a drivechain-like system. If you have a closed permissioned set of people who can process withdrawals, like a federation, or a closed permissioned set who can update the state of the system, again like a federation, you do not have a drivechain-like system. It does not introduce the types of MEV risks and centralization pressures I am concerned about; for that to occur both the peg and the state update must be open systems that anyone can participate in, and by consensus are de facto open to monopolization by miners.

This has been my bar for whether a proposal is too liberal in what it enables for over half a decade. That isn’t to say it is a hard line that should never be crossed, but it is one that should not be crossed without a rational plan of how to deal with and mitigate the potential centralization pressures it could enable if they do in fact occur.

The Cult of Slow and Steady

As someone who has been the conservative voice for half a decade, the critic of proposals from a highly skeptical and paranoid point of view, rational skepticism and caution is essentially dead. Aside from a small group or cluster of people drowned out by the sea of noise, there is no rational analysis anymore in the call for caution and slow pace.

There is fat and lazy entitlement, demanding to be spoon fed everything. The second the spoon approaches the mouth however, it is slapped away. “How dare you try to feed me!” The last time there was actual contention around a proposal prior to this current covenant debate was the blocksize wars. People actually engaged with the issues involved then, people put in the effort to learn and inquire in an open way. Yes, there were the crazies and the dogmatic lunatics, people who would not engage in an honest discussion.

That was not the majority of people back then. Even a large portion of big blockers when challenged wouldn’t just devolve to dogmatic screeching, they would run numbers. They would engage in a discussion of where a sensible line was in terms of blocksize, and the externality or cost this would present to users. On our side, the winning side, many people joined exactly because of these types of discussions and logical arguments.

I supported the first blocksize increase proposal, Bitcoin XT. I changed my mind because of logical inquiry and discussion. I considered what can actually go wrong, and then investigated how bad those consequences could be. I spent time to better understand the things that I did not understand at the time. That is not what is happening anymore.

People knee-jerk and toss out “unknown unknowns” as a counterargument to any proposed change. This is not a valid, or an intellectually honest, response to anything. Everything has unknown unknowns. Doing nothing has unknown unknowns, doing a single conservative change has unknown unknowns, doing everything all at once has unknown unknowns. That’s the whole nature of that logical category of things: you don’t know what you don’t know.

This is a nonsensical, unengageable argument that can be pulled out ad infinitum and never satisfied. It is not a genuine attempt to engage in dialogue, it is a denial of service attack against it.

There are some known unknowns, aspects or consequences of changes that we are aware of but uncertain how they will play out. This is a rational line of inquiry when discussing a change. Some aspects or possibilities with an uncertain outcome can be identified, and these can be discussed. This is not only rational inquiry, but I think absolutely critical and necessary inquiry in discussing changes to Bitcoin.

Just going “unknown unknowns!” in response to every proposal, every discussion of upsides, every analysis of the downsides to present a balanced view of things, is not a rational response. It is not good faith. By the inherent nature of unknown unknowns, this is an impossible thing to address, in either direction. Both changing and not changing Bitcoin present equal risk of unknown unknowns; it is inherent in the very nature of what that is.

There is an astonishing lack of self awareness on an intellectual level of this, and a flood of people demonstrating an emotionally driven outlash in regards to acting under that lack of self awareness in public discussion.

The Denial of Service Attack

It’s bad enough to not engage inquisitively in private when confronting new information or, in this case, proposals to Bitcoin specifically. It’s even worse to take that lack of inquisitiveness out into the public discourse. This constant chant of “unknown unknowns” and “the default is no change” and all the other ossification mantras that go even further than that explicitly is not dialogue. It is denial of service.

Doing nothing but engaging in the setting of an impossible to meet bar, and disrupting any other discussion or conversation attempting to elucidate or expand everyone’s understanding of trade offs, or functionality, and then doing that consistently over and over is not engaging in good faith. That is not trying to assess whether a change is safe or not, that is not trying to gauge the likelihood or risk level of unintended consequences, that is just impulsively attempting to stop any and all change for the sake of it.

That is not rational. That is frankly just not sane.

It is like exercising a veto you hold for anything and everything, and yes, vetoes are important in consensus systems. But disrupting conversation is not the veto, the actions of actual transacting economic actors deciding what software to run or not run is the veto. This denial of service on dialogue is not some noble or righteous crusade to save Bitcoin, it is an active attack on those economic actors and their ability to gain a better understanding to make an informed decision on whether to veto something or not.

It is malicious, it is bad faith.

I think, personally, it is motivated by fear. Fear that given the ability to inform themselves, the economic majority would choose differently than individuals who engage like this in conversation. I can really see no other charitable explanation other than just outright stupidity.

The environment these conversations occur in is not good faith anymore, and that is not because of people actually proposing changes, it is because of people with their heads in the sand constantly running a denial of service attack on the conversation itself. People who refuse to actually acknowledge what they don’t know. That is a known unknown if you are honest with yourself. What you do not understand, or what you do not understand well. Yet some people, oh so concerned about the unknown unknowns, refuse to fill in the gaps of their own known unknowns.

They refuse to actually learn more about things they don’t understand well. That would be one thing if it was just a quiet choice of an individual, but that is an entirely different thing when those people choose to actively interject themselves into the wider conversation and try to mislead or chase other people away from doing that for themselves.

It’s kind of ironic in a way, this playing out in parallel with ordinals and people claiming we need to “filter the spam.” Maybe we should. Not on the blockchain, as that is just not possible if the incentives of the system are not fundamentally broken, but in the conversations around that blockchain.

This is not a good faith dialogue anymore, and not because the jpeg people are meming about cats, but because the “other side” is essentially denial of service attacking everyone else, preventing them from even having a conversation about whether we even like cats (or dogs) at all. 


